/// <summary>
/// Erzeugen aller standart rollen (Admin und Datenschutzbeauftragter mit den jeweiligen rechten)
/// </summary>
/// <param name="roleService">rollen service</param>
public static void SeedRoles(IRoleService roleService)
{
foreach (string roleToCreate in RoleClaims.DEFAULT_GROUPS)
{
Role role = roleService.FindRoleByNameAsync(roleToCreate).Result;
if (role == null)
{
roleService.CreateAsync(new Role()
{
Name = roleToCreate
}).Wait();
}
role = roleService.FindRoleByNameAsync(roleToCreate).Result;
if (role != null)
{
IList <Claim> existingClaims = roleService.GetClaimsAsync(role).Result;
List <Claim> claimsToCheck = new List <Claim>();
if (role.Name.Equals(RoleClaims.ADMIN_GROUP))
{
claimsToCheck = RoleClaims.GetAllAdminClaims();
}
else if (role.Name.Equals(RoleClaims.DATA_SECURITY_ENGINEER_GROUP))
{
claimsToCheck = RoleClaims.GetAllDsgvoClaims();
}
foreach (Claim claim in claimsToCheck)
{
if (existingClaims.FirstOrDefault(x => x.Type.Equals(claim.Type) && x.Value.Equals(claim.Value)) == null)
{
roleService.AddClaimAsync(role, claim).Wait();
}
}
}
}
}
public override async Task <AddRoleClaimResponse> AddRoleClaim(AddRoleClaimRequest request, ServerCallContext context)
{
if (!await _roleService.RoleExistsAsync(request.RoleName))
{
throw context.NotFoundRpcException($"The role '{request.RoleName}' wasn't found.");
}
var role = await _roleService.FindByNameAsync(request.RoleName);
var claims = await _roleService.GetClaimsAsync(role);
var claim = new Claim(request.Claim.Type, request.Claim.Value);
if (claims.Any(x => x.Type == claim.Type && x.Value == claim.Value))
{
var detail = $"The claim type '{claim.Type}' (value=\"{claim.Value}\") already exists in role '{role.Name}'. (roleId=${role.Id})";
var response = new AddRoleClaimResponse
{
Claim = new RoleClaimDto
{
Type = claim.Type,
Value = claim.Value
}
};
return(context.AlreadyExists(response, detail));
}
var result = await _roleService.AddClaimAsync(role, claim);
if (result.Succeeded)
{
var detail = $"The claim type '{claim.Type}' (value=\"{claim.Value}\") as been added to the role '{role.Name}'. (roleId=${role.Id})";
var response = new AddRoleClaimResponse
{
Claim = new RoleClaimDto
{
Type = claim.Type,
Value = claim.Value
}
};
return(context.Ok(response, detail));
}
throw context.FailedPreconditionRpcException(
result,
$"Failed to add the claim type '{claim.Type}' (value=\"{claim.Value}\") to the role '{role.Name}'. (roleId=${role.Id})");
}
public async Task <IHttpActionResult> AddClaim([FromUri] string roleId, ClaimModel permission)
{
var result = await _roleService.AddClaimAsync(roleId, permission);
var actionResult = CreatedAtRoute(
"GetClaimById",
new
{
RoleId = roleId,
ClaimId = result.Id
},
result);
return(actionResult);
}
public async Task <IActionResult> AddClaim([FromRoute] string id, [FromBody] CreateClaimModel model)
{
if (!Valid(model, out var error))
{
return(error);
}
var role = await _roleService.FindByIdAsync(id);
if (role?.Data == null)
{
return(NotFound());
}
var issuer = _security.Value.Tokens.Issuer;
var claim = new Claim(model.Type, model.Value, model.ValueType ?? ClaimValueTypes.String, issuer);
var result = await _roleService.AddClaimAsync(role.Data, claim);
return(result.Succeeded
? Created($"/api/roles/{role.Data.Id}/claims", claim)
: (IActionResult)BadRequest(result.Errors));
}
public async Task <IActionResult> AddClaim([FromRoute] string id, [FromBody] CreateClaimModel model)
{
if (!this.TryValidateModelOrError(model, ErrorEvents.ValidationFailed,
ErrorStrings.ValidationFailed, out var error))
{
return(error);
}
var role = await _roleService.FindByIdAsync(id);
if (role?.Data == null)
{
return(NotFound());
}
var issuer = _tokenInfoProvider.Issuer;
var claim = new Claim(model.Type, model.Value, model.ValueType ?? ClaimValueTypes.String, issuer);
var result = await _roleService.AddClaimAsync(role.Data, claim);
return(result.Succeeded
? Created($"/api/roles/{role.Data.Id}/claims", claim)
: (IActionResult)BadRequest(result.Errors));
}